Demonstrating with a real company how a hacker can compromise an organisation in under 2 hours using OSINT and social engineering.

Video Transcript

Today I’ll be demonstrating how cybercriminals use open-source intelligence to create targeted and highly effective phishing emails that can establish a foothold for company-wide ransomware attacks. …


I found a way to alter a premium subscription service price and bought it for a penny. This is how I did it.

Photo by Polina Tankilevitch from Pexels

Whenever I’m bug hunting on a target that takes payments, I always try to buy something using a test credit card number as described in my write-up…


I spoofed access to other people’s email in order to pre-steal user accounts before they are first registered. Here’s how I did it.

Photo by Markus Winkler on Unsplash

One thing I always test while hacking on bug bounty programs is how applications generate tokens. …


I found an API that exposed encrypted credit card numbers. Here’s how I cracked them to reveal the full card details.

Photo by Avery Evans on Unsplash

While hacking on a private bug bounty program, I found a graphql endpoint that exposed way more information about logged in users than it should have done. By playing…


“We’ve sent a six-digit code to your email address. Enter it below to login.”

Photo by Alvin Lenin on Unsplash

We see them all the time while testing web applications. In order to verify your identity, the application sends a 6 digit numerical code to your registered email address or phone number. The purpose is to…


Free and open proxy servers promise anonymous internet access, but at what cost?

Never trust an open proxy server
Photo by Mikael Seegen on Unsplash

In a world of ever-decreasing online privacy, it’s easy to get sucked into the ‘use an anonymous proxy to stay safe’ narrative. …


Evading detection and building trust with Captcha challenges and Smishing attacks.

The latest SMS Phishing message I’ve received from not-my-real phone company

This week I received another SMS Phishing attack which was almost identical to the previous Smishing attack I covered. There were two things that struck me as particularly interesting this time:

  1. The attack used the s.id


How hackers manually escalated from a malicious email to a devastating, company-wide ransomware takeover in under 5 hours.

Photo by Pixabay from Pexels

(This article aims to contextualize an excellent incident report by Thedfirreport.com. I’ve used my own experience to fill in the gaps to demonstrate how these attacks affect real people in real companies.)

The Attack Started Like Many Others


Every image you post online leaks information about you. This is how anyone can find your location using Open Source Intelligence (OSINT).

Let’s find the exact location of this photograph together.

Open Source Intelligence In Action — Geolocating a Photograph

Open Source Intelligence (OSINT) is the practice of using public or ‘open source’ information available on the internet to gather intelligence and gain insights on given targets. …


I got hit by a devastating worm that spread through phishing. This is how it worked and what I learned from it.

Photo by Miguel Á. Padriñán from Pexels

A long time ago in a world without Multi-Factor Authentication…

The first report came in shortly after 10 am. A user had fallen victim to a phishing attack

Craig Hays

Aspiring writer, Cybersecurity Architect, Bug Bounty Hunter, Musician, Movie Producer, Failed Skydiver. https://craighays.com

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store